Page 90 - Cyber Defense eMagazine June 2020 Edition
b) Phishing
On August 20, 2018, Portland, Oregon-based Legacy Health notified 38,000 patients that a phishing
attack might have breached their data [iii]. Their further investigation revealed that an unauthorized third
party gained access to some employee email accounts that may have contained patient
information, e.g. patients’ names, dates of birth, health insurance information, billing information, medical
information regarding care received at Legacy Health and, in some cases, social security numbers and
driver’s license numbers.
In a phishing campaign, an attacker poses as a legitimate person or entity in an email to get the target to
provide valuable information, such as credentials, or click on a link that results in ransomware being
downloaded on the victim’s machine. Employees who are not careful may click on the link or provide
confidential details, which may lead to fraud. According to a study conducted by Cofense, “Payment
Notification” emerged as the top healthcare phishing attack subject [iv]. The 2018 Verizon data breach
report revealed that phishing attacks are not only prominent, they’re also on the rise, with 43% of data
breaches stemming from such incidents [v].
c) Insider threats
On Jan 20, 2016, The Wall Street Journal reported that five people, including two former research scientists of
the pharmaceutical giant GlaxoSmithKline (GSK), were charged in the U.S. with scheming to steal trade
secrets and sell them to organizations operating in China [vi]. The stolen data included intellectual
property such as information regarding the research development of multiple biopharmaceutical products.
In 2018, both scientists pleaded guilty to committing intellectual property theft, but the exact amount of
financial damage has yet to be calculated. Additionally, insider threats not only include employees stealing
data but range from incidents caused by error or carelessness to theft of an employee laptop containing
confidential data [vii].
d) Technology management issues
On Dec. 26, 2018, UW Medicine reported that a misconfigured database led to the exposure of patient data
on the internet for several weeks. The interesting part is that the breach was discovered by a patient
searching for his own name on Google who ended up finding UW Medicine files containing patients’
names, medical record numbers, and a description and purpose of the information [viii]. Other than
misconfigured databases or servers, a lack of appropriate IT security implementation in the organization or
at IT vendors who provide or manage IT solutions on your behalf may be the reason for a data breach.
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.